Bridging mode: ¿can servers be reachable by their real IP addresses?

Hello team.

Customer is asking me to load balance a farm of servers for clients in the same subnet, so I am going to configure bridge mode.

In parallel, customer is asking me to have visibility of the real IP addresses of each of the individual servers in the farm, for management purposes. I do not know if this possible, but I would assume that ACE will bridge packets from client to destination server´s real IP address in cases like this. ¿Am I right?

I do not know if this is feasible by default or if I need to put policies in place to allow it.

Bridging mode: ¿can servers be reachable by their real IP addre

Hi,

If you are hitting a virtual ip (for loadbalancing) then you need to apply the policy on the inbound interface and src nating might be required. If you are hitting directly the real server ip then ACE would just bridge the traffic.

Bridging mode: ¿can servers be reachable by their real IP addre

Hi,

If you are hitting a virtual ip (for loadbalancing) then you need to apply the policy on the inbound interface and src nating might be required. If you are hitting directly the real server ip then ACE would just bridge the traffic.

Bridging mode: ¿can servers be reachable by their real IP addre

Let me please check something else about your answer. You say that SRC NAT might be required. I assume that you warn me of this IF clients and servers are in the same VLAN.

But IF clients are in VLAN X and servers are in VLAN Y (both vlans bridged by the ACE), then the ACE won´t need SRC NAT to disguise clients´ addresses, since clients and servers are physically joined thru the ACE.

Topology & Design:
Overview:
Two ACI fabrics
Stretching VLANs using OTV
Both fabrics are advertising BD subnets into same routing domain
Some BDs(or say VLANs) are stretched, but some are not.
Endpoints can move betwee...
view more

Prerequisites
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
Configuration
C...
view more

Topology &Design:Traffic flow within same fabric:Endpoint moves to Fabric-2Bounce Entry Times OutTraffic Black-holedSummarySolutionAppendix:
I. Introduction
In the Previous articles of ACI Automation, we are using Postman/Newman a...
view more